公开(公告)号：US07523307B2

公开(公告)日：2009-04-21

申请号：US10042652

申请日：2002-01-08

申请人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Sigfredo Ismael Nin ,  Florian Pestoni

发明人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Sigfredo Ismael Nin ,  Florian Pestoni

IPC分类号： H04L9/00 ,  H04L9/32 ,  G06F12/14

CPC分类号： H04L63/0428 ,  G11B20/0021 ,  H04L9/0836 ,  H04L9/0891 ,  H04L12/18 ,  H04L2209/605 ,  H04L2209/606

摘要： A method for enforcing compliance in both the copy protect domain and service subscription domain for streamed multicast data. Each content is encrypted with a title key that itself is encrypted with a channel unique key which is a hash of a session key and a channel key. A compliant player is given the channel key upon registration for a subscription service (representing subscription protection) and is also given device keys upon activation (representing copy protection) for decrypting the session key. Consequently, the channel unique key can be obtained (and, hence, the content decrypted) only by a player that is compliant with both copy protection rules and subscription rules. The channel key can be refreshed periodically as subscriptions change or expire.

公开(公告)号：US06888944B2

公开(公告)日：2005-05-03

申请号：US09777506

申请日：2001-02-05

申请人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Sigfredo Ismael Nin ,  Florian Pestoni

发明人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Sigfredo Ismael Nin ,  Florian Pestoni

IPC分类号： H04H20/00 ,  H04L9/00 ,  H04L9/08 ,  H04N7/16 ,  H04N7/167 ,  H04N21/258 ,  H04N21/266

CPC分类号： H04N7/163 ,  G11B20/00362 ,  H04L9/0861 ,  H04L9/14 ,  H04L2209/34 ,  H04L2209/606 ,  H04N7/1675 ,  H04N21/2585 ,  H04N21/26613

摘要： Sets of encryption keys useful by devices for decrypting encrypted content are defined using an error-correcting code such as a Reed-Solomon code to define vectors of length “n” over an alphabet of (0, . . . , N−1), wherein “n” is the number of columns in a key matrix and “N” is the number of rows in the matrix. Each vector represents a set of keys that can be assigned to a device. With this invention, overlap between sets of keys can be minimized to minimize the possibility that the key set of an innocent device might be inadvertently revoked when the key set of a compromised device is revoked. Also, only the generating matrix of the error-correcting code and the index of one set of keys need be stored in memory, since all previously defined key sets can be regenerated if need be from just the generating matrix and index.

摘要翻译： 使用诸如里德 - 所罗门码的纠错码来定义加密内容解密设备所使用的加密密钥集合，以在（0，...，N-1）的字母表上定义长度为“n”的向量， 其中“n”是键矩阵中的列数，“N”是矩阵中的行数。 每个向量表示可以分配给设备的一组密钥。 利用本发明，可以最小化密钥组之间的重叠，以最小化当被破坏的设备的密钥组被撤销时，无辜设备的密钥组可能被无意中撤销的可能性。 此外，只有纠错码的生成矩阵和一组密钥的索引需要存储在存储器中，因为如果需要仅来自生成矩阵和索引，则可以重新生成所有先前定义的密钥集。

公开(公告)号：US06883097B1

公开(公告)日：2005-04-19

申请号：US09575740

申请日：2000-05-22

申请人： Jeffrey Bruce Lotspiech ,  Ariel Virgil Mirles ,  Dalit Naor ,  Sigfredo Ismael Nin

发明人： Jeffrey Bruce Lotspiech ,  Ariel Virgil Mirles ,  Dalit Naor ,  Sigfredo Ismael Nin

IPC分类号： H04H20/00 ,  H04L9/00 ,  H04L9/08 ,  H04N7/16 ,  H04N7/167 ,  H04N21/258 ,  H04N21/266

CPC分类号： H04N7/163 ,  G11B20/00362 ,  H04L9/0861 ,  H04L9/14 ,  H04L2209/34 ,  H04L2209/606 ,  H04N7/1675 ,  H04N21/2585 ,  H04N21/26613

摘要： A system for protecting content on recordable media for, e.g., DVD audio disks, flash memory media, or other media includes providing a media key block (MKB) on each media, with each MKB including 25,000 encryptions of a media key by 25,000 or so device keys. Each authorized player in the system has a single device key from among the system device keys with which to decrypt the media key. To avoid a coincidence attack in which a hacker can learn the MKB and associated media key and then guess at a device key without knowing its position in the MKB, the media key is XORed with a number representing each position in the MKB, and only then encrypted with the device key corresponding to that position.

摘要翻译： 用于保护例如DVD音频盘，闪存介质或其他媒体的可记录媒体上的内容的系统包括在每个媒体上提供媒体密钥块（MKB），每个MKB包括25,000个媒体密钥的25,000个加密 设备密钥。 系统中的每个授权的播放器具有用于解密媒体密钥的系统设备密钥中的单个设备密钥。 为了避免黑客可以学习MKB和相关媒体密钥的巧合攻击，然后在不知道其在MKB中的位置的情况下猜测设备密钥，则将媒体密钥与表示MKB中每个位置的数字进行异或， 用与该位置对应的设备密钥加密。

公开(公告)号：US07925025B2

公开(公告)日：2011-04-12

申请号：US12061084

申请日：2008-04-02

申请人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

发明人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

IPC分类号： H04L9/00 ,  H04L9/08 ,  G06F7/04 ,  H04N7/16

CPC分类号： H04L63/0428 ,  G11B20/0021 ,  H04L9/0836 ,  H04L9/0891 ,  H04L12/18 ,  H04L2209/605 ,  H04L2209/606

摘要： A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

摘要翻译： 一棵树用于将广播内容加密系统中的无状态接收器分成子集。 公开了两种不同的分割方法。 当识别出一组撤销的接收者时，撤销的接收者通过不相交的子集定义非撤销的接收者的相对较小的覆盖。 与子集相关联的子集密钥然后用于加密会话密钥，会话密钥又用于加密广播内容。 只有非撤销的接收者可以解密会话密钥，因此可以解密内容。

公开(公告)号：US20080192939A1

公开(公告)日：2008-08-14

申请号：US12061084

申请日：2008-04-02

申请人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

发明人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

IPC分类号： H04L9/14 ,  H04L9/08 ,  H04L9/28

CPC分类号： H04L63/0428 ,  G11B20/0021 ,  H04L9/0836 ,  H04L9/0891 ,  H04L12/18 ,  H04L2209/605 ,  H04L2209/606

摘要： A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

摘要翻译： 一棵树用于将广播内容加密系统中的无状态接收器分成子集。 公开了两种不同的分割方法。 当识别出一组撤销的接收者时，撤销的接收者通过不相交的子集定义非撤销的接收者的相对较小的覆盖。 与子集相关联的子集密钥然后用于加密会话密钥，会话密钥又用于加密广播内容。 只有非撤销的接收者可以解密会话密钥，因此可以解密内容。

公开(公告)号：US07039803B2

公开(公告)日：2006-05-02

申请号：US09770877

申请日：2001-01-26

申请人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

发明人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

IPC分类号： H04L9/00

CPC分类号： H04L63/0428 ,  G11B20/0021 ,  H04L9/0836 ,  H04L9/0891 ,  H04L12/18 ,  H04L2209/605 ,  H04L2209/606

摘要： A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

公开(公告)号：US07698551B2

公开(公告)日：2010-04-13

申请号：US11117677

申请日：2005-04-28

申请人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

发明人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

IPC分类号： H04L9/00

CPC分类号： H04L63/0428 ,  G11B20/0021 ,  H04L9/0836 ,  H04L9/0891 ,  H04L12/18 ,  H04L2209/605 ,  H04L2209/606

摘要： A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

摘要翻译： 一棵树用于将广播内容加密系统中的无状态接收器分成子集。 公开了两种不同的分割方法。 当识别出一组撤销的接收者时，撤销的接收者通过不相交的子集定义非撤销的接收者的相对较小的覆盖。 与子集相关联的子集密钥然后用于加密会话密钥，会话密钥又用于加密广播内容。 只有非撤销的接收者可以解密会话密钥，因此可以解密内容。

公开(公告)号：US07010125B2

公开(公告)日：2006-03-07

申请号：US09771239

申请日：2001-01-26

申请人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

发明人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Simeon Naor

IPC分类号： H04N7/167 ,  H04L9/00

CPC分类号： G11B20/00086 ,  G11B20/0021 ,  G11B20/00224 ,  G11B20/00246 ,  G11B20/00253 ,  G11B20/00492 ,  G11B2220/2537 ,  H04L9/0836 ,  H04L9/0891 ,  H04L2209/601 ,  H04L2209/606 ,  H04N7/1675 ,  H04N21/26606 ,  H04N21/4181 ,  H04N21/4331 ,  H04N21/4623

摘要： A method for tracing traitor receivers in a broadcast encryption system. The method includes using a false key to encode plural subsets representing receivers in the system. The subsets are derived from a tree using a Subset-Cover system, and the traitor receiver is associated with one or more compromised keys that have been obtained by a potentially cloned pirate receiver. Using a clone of the pirate receiver, the identity of the traitor receiver is determined, or the pirate receiver clones are rendered useless for decrypting data using the compromised key by generating an appropriate set of subsets.

公开(公告)号：US06947563B2

公开(公告)日：2005-09-20

申请号：US09789451

申请日：2001-02-20

申请人： Ronald Fagin ,  Jeffrey Bruce Lotspiech ,  Nimrod Megiddo ,  Dalit Naor ,  Simeon Naor

发明人： Ronald Fagin ,  Jeffrey Bruce Lotspiech ,  Nimrod Megiddo ,  Dalit Naor ,  Simeon Naor

IPC分类号： H04H20/00 ,  H04L9/00 ,  H04L9/08 ,  H04N7/16 ,  H04N7/167 ,  H04N21/258 ,  H04N21/266

CPC分类号： H04N7/163 ,  G11B20/00362 ,  H04L9/0861 ,  H04L9/14 ,  H04L2209/34 ,  H04L2209/606 ,  H04N7/1675 ,  H04N21/2585 ,  H04N21/26613

摘要： An encryption key matrix has rows grouped into segments, with a set of one segment per column establishing a slot. Slots are assigned to device manufacturers, with the keys of the slots then being assigned to decryption devices made by the respective manufacturer. In generating the slots, the number “q” of segments in a column is first defined such that a predetermined maximum number of devices can be revoked devices (in that all the keys held by the device are revoked) while ensuring that a good device remains a functional device with a probability of at least (1−Q), wherein Q is a predefined device confidence. Once the number “q” of segments has been defined, the slots themselves are defined in a provably non-discriminatory fashion using an error-correcting code such as a Reed-Solomon code. With this invention, overlap between slots can be minimized to minimize the possibility that the key set of an innocent device might be inadvertently revoked when the keys in the slots of a “bad” manufacturer are revoked.

摘要翻译： 加密密钥矩阵将行分组成段，每列建立一个段的一组。 插槽被分配给设备制造商，然后插槽的密钥被分配给由相应制造商制造的解密设备。 在产生时隙中，首先定义列中的段数“q”，使得可以撤销预定的最大数量的设备（因为设备保持的所有密钥被撤销），同时确保良好设备保持 具有至少（1-Q）的概率的功能设备，其中Q是预定义的设备置信度。 一旦已经定义了段数“q”，则使用纠错码（例如里德 - 所罗门码）以可证明的非歧视方式来定义时隙本身。 利用本发明，可以最小化时隙之间的重叠，以最小化当“坏”制造商的时隙中的密钥被撤销时，无辜设备的密钥组可能被无意中撤销的可能性。

公开(公告)号：US08656178B2

公开(公告)日：2014-02-18

申请号：US10125714

申请日：2002-04-18

申请人： Eric M. Foster ,  Jeffrey B. Lotspiech ,  Dalit Naor ,  Sigfredo I. Nin ,  Florian Pestoni ,  Wilfred E. Plouffe, Jr. ,  Frank A. Schaffa

发明人： Eric M. Foster ,  Jeffrey B. Lotspiech ,  Dalit Naor ,  Sigfredo I. Nin ,  Florian Pestoni ,  Wilfred E. Plouffe, Jr. ,  Frank A. Schaffa

IPC分类号： H04L9/32

CPC分类号： H04L63/10 ,  G06F21/10 ,  G06Q30/06 ,  G11B20/00362 ,  H04L63/12 ,  H04L2463/101

摘要： The present invention provides a method, system and program product for modifying content usage conditions during broadcast content distribution. Specifically, the present invention allows protected (e.g., encrypted, secured, etc.) content to be received along with content usage conditions, an encrypted combination of the content usage conditions and a title key (e.g., a MAC), and a key management block. Using the key management block, a key encrypting key can be determined for decrypting the combination. Once the combination is decrypted, the content usage conditions can be modified (e.g., edited, added to, etc.).

摘要翻译： 本发明提供一种用于在广播内容分发期间修改内容使用条件的方法，系统和程序产品。 具体地，本发明允许与内容使用条件，内容使用条件和标题密钥（例如，MAC）的加密组合以及密钥管理一起接收受保护（例如，加密，安全等）内容 块。 使用密钥管理块，可以确定密钥加密密钥来解密组合。 一旦组合被解密，内容使用条件可以被修改（例如，编辑，添加到等等）。